StatCounter


Sunday, August 1, 2010

Protect yourself from Windows shortcut exploit

Update:
Microsoft is issuing a permanent patch for the shortcut vulnerability, it is recommend that users uninstall the Sophos Windows Shortcut Exploit Protection Tool before applying the Microsoft fix from Window Update.



What is the Windows Shortcut Exploit?
The Windows Shortcut Exploit, also known as CPLINK, is a zero-day vulnerability in all versions of Windows that allows a Windows shortcut link, known as an .lnk file, to run a malicious DLL file. The dangerous shortcut links can also be embedded on a website or hidden within documents.

The exploit works when you open a device, network share or WebDav point carrying an infection you don't need to click on anything for the exploit to work, even if you have AutoPlay and AutoRun disabled.

The above vulnerability have been confirmed by Microsoft. To read it, click here.

Windows Shortcut Exploit Protection Tool by Sophos
-Detects the Windows Shortcut Exploit
-Blocks exploit from running
-Works with your existing anti-virus

0 comments: